<?
session_start();
header("Content-Type:   text/html;   charset=utf-8");

include('../include/conn_db.php');
include ('../include/db_class.php');
mysql_connect(HOST,NAME,PASS) or die(mysql_error());
mysql_select_db(DBNAME);
mysql_query('SET NAMES '.CODEPAGE);
$postname=addslashes ($_POST['name']);//使用反斜线引用字符串
$postpass=addslashes ($_POST['pass']);//使用反斜线引用字符串
$postpass=md5($postpass);
$iscookies=$_POST['cookie'];
	$sql="select * from ".TABLE_C."admin where name='".$postname."' and pass='".$postpass."'";
	mysql_query('SET NAMES utf-8');
	$rs=mysql_query($sql);
	if(@mysql_num_rows($rs)>0){
		$tmprs=mysql_fetch_assoc($rs);
		$_SESSION['adminId']=$tmprs['id'];
		$_SESSION['adminName']=$tmprs['name'];
		$_SESSION['adminPower']=$tmprs['power'];
		if($iscookies=='yes'){
			setcookie('cookie_admin',$tmprs['name'],time()+3600*24*30);	
		}

		mysql_free_result($rs);
		mysql_close();
		header('LOCATION:index.php');
		exit;
	}else{
		echo '<font color=red>用户名或密码错误！</font> <a href="login.php">点击返回</a>';
		exit;
	}
?>